/**
* verifyGalleryPermissions will check for permissive permissions of all galleries owning a given item
*
* @param array $pPermName
* @access public
* @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
*/
function verifyGalleryPermissions($pPermName)
{
global $gBitSystem, $gBitUser;
$ret = FALSE;
if ($this->isValid() && !empty($pPermName)) {
// get all gallery content ids
$galleryContentIds = $this->getParentGalleries();
if (!empty($galleryContentIds) && is_array($galleryContentIds)) {
$gallery = new TreasuryGallery();
foreach ($galleryContentIds as $gcid) {
// reduce load: we don't need to fully load the gallery to load the permissions
$gallery->mContentId = $gcid;
if ($gallery->hasUserPermission($pPermName)) {
// we only need one gallery that allows us to download the file
return TRUE;
}
}
}
}
$gBitSystem->fatalPermission($pPermName);
return $ret;
}
/**
* Get the last gallery created by this user. If the user hasn't created a gallery, create one
*
* @param string $pNewName Name of the new gallery
* @access public
* @return Gallery Id of the default gallery
*/
function getDefaultGalleryId($pNewName = NULL)
{
global $gBitUser, $gContent;
// as default gallery, we pick the first one created by this user
$gal = new TreasuryGallery();
$getHash = array('user_id' => $gBitUser->mUserId, 'max_records' => 1, 'sort_mode' => 'created_asc');
$upGal = $gal->getList($getHash);
if (@BitBase::verifyId(key($upGal))) {
$ret = key($upGal);
} elseif ($gBitUser->hasPermission('p_treasury_create_gallery')) {
// Since the user can create a new gallery, we simply create a new one
if (empty($pNewName)) {
$pNewName = $gBitUser->getDisplayName() . "'s File Gallery";
}
$galleryHash = array('title' => $pNewName);
if ($gal->store($galleryHash)) {
$ret = $gal->mContentId;
}
} else {
// if we reach this section, we'll simply pick the first gallery we can find and dump all files in there
$getHash = array('max_records' => 1, 'sort_mode' => 'created_asc');
$upGal = $gal->getList($getHash);
if (@BitBase::verifyId(key($upGal))) {
$ret = key($upGal);
} else {
// we need to report that there is absolutely no way we can place the gallery anywhere
$this->mErrors['no_default'] = tra('We could not find a viable gallery where we can store your upload');
}
}
if (!$gContent->isValid()) {
$gContent = new TreasuryGallery($ret);
}
return $ret;
}
<?php
/**
* @version $Header$
*
* @author xing <*****@*****.**>
* @package treasury
* @copyright 2003-2006 bitweaver
* @license LGPL {@link http://www.gnu.org/licenses/lgpl.html}
**/
/**
* Setup
*/
global $gContent;
if (@BitBase::verifyId($_REQUEST['structure_id'])) {
$gContent = new TreasuryGallery($_REQUEST['structure_id']);
$gContent->load(TRUE);
} elseif (@BitBase::verifyId($_REQUEST['content_id'])) {
$gContent = new TreasuryGallery(NULL, $_REQUEST['content_id']);
$gContent->load(TRUE);
} else {
$gContent = new TreasuryGallery();
}
$gBitSmarty->assigByRef('gContent', $gContent);
/**
* Returns HTML link to display a gallery or item
*
* @param $pTitle is the gallery we want to see
* @param $pContentId content id of the gallery in question
* @return the link to display the page.
**/
function getDisplayLink($pLinkText = NULL, $pMixed = NULL, $pAnchor = NULL)
{
global $gBitSystem;
if (empty($pLinkText) && !empty($this)) {
$pLinkText = $this->getTitle();
}
if (empty($pMixed) && !empty($this)) {
$pMixed = $this->mInfo;
}
$ret = $pLinkText;
if (!empty($pLinkText) && !empty($pMixed)) {
if ($gBitSystem->isPackageActive('treasury')) {
$ret = '<a title="' . htmlspecialchars($pLinkText) . '" href="' . TreasuryGallery::getDisplayUrlFromHash($pMixed) . '">' . htmlspecialchars($pLinkText) . '</a>';
}
}
return $ret;
}
// this interferes with the deletion
$verifyStructurePermission = 'p_treasury_update_gallery';
include_once LIBERTY_PKG_PATH . 'edit_structure_inc.php';
// get all the nodes in this structure
foreach ($rootTree as $node) {
$galleryStructure[$node['structure_id']] = str_repeat('-', $node['level']) . ' ' . $node['title'];
}
$gBitSmarty->assign('galleryStructure', $galleryStructure);
}
if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'edit') {
$gBitSmarty->assignByRef('galInfo', $gContent->mInfo);
}
if (!empty($_REQUEST['treasury_store'])) {
// $rootStructure is created in edit_structure_inc.php
$_REQUEST['root_structure_id'] = !empty($rootStructure->mStructureId) ? $rootStructure->mStructureId : NULL;
$galleryStore = new TreasuryGallery(NULL, !empty($_REQUEST['gallery_content_id']) ? $_REQUEST['gallery_content_id'] : NULL);
$galleryStore->load();
// pass thumbnail upload on to storage hash
if (!empty($_FILES['icon']['tmp_name'])) {
$_REQUEST['thumb'] = $_FILES['icon'];
}
if ($galleryStore->store($_REQUEST)) {
bit_redirect($galleryStore->getDisplayUrl() . "&refresh=1");
} else {
$feedback['error'] = $galleryStore->mErrors;
}
}
if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'remove_gallery' || !empty($_REQUEST['confirm'])) {
if (@BitBase::verifyId($_REQUEST['content_id'])) {
if ($_REQUEST['action'] == 'remove_gallery' && !empty($_REQUEST['confirm'])) {
if ($gContent->expunge(!empty($_REQUEST['force_item_delete']))) {
require_once TREASURY_PKG_PATH . "TreasuryItem.php";
require_once RSS_PKG_PATH . "rss_inc.php";
$rss->title = $gBitSystem->getConfig('treasury_rss_title', $gBitSystem->getConfig('site_title') . ' - ' . tra('File Galleries'));
$rss->description = $gBitSystem->getConfig('treasury_rss_description', $gBitSystem->getConfig('site_title') . ' - ' . tra('RSS Feed'));
// check permission to view treasury item
if (!$gBitUser->hasPermission('p_treasury_view_item')) {
require_once RSS_PKG_PATH . "rss_error.php";
} else {
$listHash = array('max_records' => $gBitSystem->getConfig('treasury_rss_max_records', 10), 'sort_mode' => 'last_modified_desc', 'gallery_content_id' => !empty($_REQUEST['gallery_content_id']) ? $_REQUEST['gallery_content_id'] : NULL, 'user_id' => !empty($_REQUEST['user_id']) ? $_REQUEST['user_id'] : NULL);
// check if we want to use the cache file
// we'll use groups to cache rss feeds with different permissions
$cacheFile = TEMP_PKG_PATH . RSS_PKG_NAME . '/' . TREASURY_PKG_NAME . '/' . "g{$listHash['gallery_content_id']}u{$listHash['user_id']}" . $cacheFileTail;
$rss->useCached($rss_version_name, $cacheFile, $gBitSystem->getConfig('rssfeed_cache_time'));
// if we have a gallery we can work with - load it
if (@BitBase::verifyId($_REQUEST['gallery_content_id'])) {
$gallery = new TreasuryGallery(NULL, $_REQUEST['gallery_content_id']);
$gallery->load();
$rss->title .= " - {$gallery->getTitle()}";
}
$treasury = new TreasuryItem();
$feeds = $treasury->getList($listHash);
// set the rss link
$rss->link = TREASURY_PKG_URI;
$gBitSmarty->loadPlugin('smarty_modifier_display_bytes');
// get all the data ready for the feed creator
foreach ($feeds as $feed) {
$item = new FeedItem();
$item->title = $feed->getTitle();
$item->link = $feed->getField('display_url');
$item->date = (int) $feed->getField('last_modified');
$item->source = BIT_ROOT_URI;
}
if (!empty($_FILES['file']['tmp_name'])) {
$_REQUEST['upload'] = $_FILES['file'];
}
if ($gContent->store($_REQUEST)) {
$feedback = $gContent->mErrors;
}
// give some feedback if all went well
if (empty($feedback['error'])) {
$feedback['success'] = tra('The settings were successfully applied.');
}
// now that the file has been updated, we return to the view page
bit_redirect($gContent->mInfo['display_url']);
}
// move file back to where it was
if (!empty($_REQUEST['reprocess_upload']) && !empty($tmpfile) && is_file($tmpfile)) {
// move file back to where it should be
rename($tmpfile, $gContent->mInfo['source_file']);
}
// get a list of galleries this file is already part of
$galleryContentIds = $gContent->getParentGalleries();
$gBitSmarty->assign('galleryContentIds', $galleryContentIds);
$gallery = new TreasuryGallery();
$listHash['get_sub_tree'] = TRUE;
$listHash['max_records'] = -1;
$listHash['content_permission'] = 'p_treasury_upload_item';
$galleryList = $gallery->getList($listHash);
$gBitSmarty->assign('galleryList', $galleryList);
$gContent->invokeServices('content_edit_function');
$gBitSmarty->assign('feedback', !empty($feedback) ? $feedback : NULL);
$gBitSystem->display("bitpackage:treasury/edit_item.tpl", tra("Edit File"), array('display_mode' => 'edit'));
if (!$gContent->isValid()) {
$gBitSystem->setHttpStatus(404);
$gBitSystem->fatalError(tra("The requested file could not be found"));
}
// check view permission as set for the gallery
$gContent->verifyViewPermission();
$gContent->verifyGalleryPermissions('p_treasury_view_item');
// load the parent gallery as well
if (@BitBase::verifyId($_REQUEST['structure_id'])) {
$gGallery = new TreasuryGallery($_REQUEST['structure_id']);
$gGallery->load();
} else {
// if we don't have a structure id to go by, we just get a gallery we can work with
$galleryContentIds = $gContent->getParentGalleries();
if (@BitBase::verifyId($galleryContentIds[0])) {
$gGallery = new TreasuryGallery(NULL, $galleryContentIds[0]);
$gGallery->load();
}
}
// invoke services
$displayHash = array('perm_name' => $gContent->mViewContentPerm);
$gContent->invokeServices('content_display_function', $displayHash);
$galleryDisplayPath = $gContent->getDisplayPath($gContent->getGalleryPath($gGallery->mStructureId));
$gBitSmarty->assign('galleryDisplayPath', $galleryDisplayPath);
$gBitSmarty->assignByRef('gGallery', $gGallery);
if (is_object($gGallery) && $gContent->isCommentable()) {
$commentsParentId = $gContent->mContentId;
$comments_vars = array(TREASURYITEM_CONTENT_TYPE_GUID);
$comments_prefix_var = TREASURYITEM_CONTENT_TYPE_GUID . ':';
$comments_object_var = TREASURYITEM_CONTENT_TYPE_GUID;
$comments_return_url = $gContent->getDisplayUrl();
